I’ve not read this yet, just passing it along, as it looks really interesting.

I’m not affiliated in any way with this.

ETA: If anyone has read it / bought a copy, a review would be very appreciated.

  • @witten
    link
    English
    1
    edit-2
    6 months ago

    The site links to a site that accepts payment data. So because the author’s site is http, a MITM attacker could change the payment links from lulu.com to site-that-actually-steals-your-credit-card.com.

    That’s one huge thing https provides over http… assurance of unadulterated content, including links to sites that actually deal in sensitive data.